On 1/14/12 8:44 PM, Greg Smith wrote:
> Second, e-mail provides some level of validation that patches being
> submitted are coming from the person they claim. We currently reject
> patches that are only shared with the community on the web, via places
> like github. The process around this mailing list tries to make it
> clear sending patches to here is a code submission under the PostgreSQL
> license. And e-mail nowadays keeps increasing the number of checks that
> confirm it's coming from the person it claims sent it. I can go check
> into the DKIM credentials your Gmail message to the list contained if
> I'd like, to help confirm it really came from your account. E-mail
> headers are certainly not perfectly traceable and audit-able, but they
> are far better than what you'd get from a web submission. Little audit
> trail there beyond "came from this IP address".
Putting submitters aside, I have to say based on teaching people how to
use the CF stuff on Thursday night that the process of submitting a
review of a patch is VERY unintuitive, or in the words of one reviewer
"astonishingly arcane". Summing up:
1. Log into CF. Claim the patch by editing it.
2. Write a review and email it to pgsql-hackers.
3. Dig the messageID out of your sent mail.
4. Add a comment to the patch, type "Review" with the messageID, and
ideally a short summary comment of the review.
5. Edit the patch to change its status as well as to remove yourself as
reviewer if you plan to do no further review.
There are so many things wrong with this workflow I wouldn't know where
to start. The end result, though, is that it strongly discourages the
occasional reviewer by making the review process cumbersome and confusing.
I'll also point out that the process for *applying* a patch, if you
don't subscribe to hackers and keep archives around on your personal
machine for months, is also very cumbersome and error-prone. Copy and
paste from a web page? Really?
Certainly we could spend the next 6 years incrementally improving the CF
app "in our spare time". But maybe it might be a better thing to look
at the code development tools which are already available?
--
Josh Berkus
PostgreSQL Experts Inc.
http://pgexperts.com